Veritas Storage Foundation Multiple Service Remote DoS (SYM08-004)

Low Nessus Plugin ID 31862


The remote host contains an application that is affected by a denial of service issue.


Veritas Storage Foundation, a storage management solution from Symantec is installed on the remote host.

The installed version is reportedly affected by a denial of service vulnerability. By sending specially crafted IP packets to TCP port 4888, an unauthenticated attacker may be able to cause a denial of service condition and crash the scheduler service.

In addition the Administration service may also be affected by a heap overflow vulnerability.


Apply the appropriate patch as discussed in the vendor advisories above.

See Also

Plugin Details

Severity: Low

ID: 31862

File Name: veritas_storage_foundation_dos.nasl

Version: $Revision: 1.13 $

Type: remote

Published: 2008/04/15

Modified: 2016/11/29

Dependencies: 31861

Risk Information

Risk Factor: Low


Base Score: 3.3

Temporal Score: 2.4

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:symantec:veritas_storage_foundation

Required KB Items: VERITAS/VeritasSchedulerService

Exploit Available: false

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2007-4516, CVE-2008-0638

BID: 25778, 27440

OSVDB: 41977, 41978

CWE: 20, 119